Skip to content

environment-custom-dns-suffix.md

Latest commit

 

History

History
52 lines (35 loc) · 2.53 KB

environment-custom-dns-suffix.md

File metadata and controls

52 lines (35 loc) · 2.53 KB
title Custom environment DNS suffix in Azure Container Apps
description Learn to manage custom DNS suffix and TLS certificate in Azure Container Apps environments
services container-apps
author craigshoemaker
ms.service azure-container-apps
ms.topic how-to
ms.date 03/18/2025
ms.author cshoe

Custom environment DNS Suffix in Azure Container Apps

Azure Container Apps environment provides a default DNS suffix in the format <UNIQUE_IDENTIFIER>.<REGION_NAME>.azurecontainerapps.io. Each container app in the environment generates a domain name based on this DNS suffix. You can configure a custom DNS suffix for your environment.

Note

To configure a custom domain for individual container apps, see Custom domain names and certificates in Azure Container Apps.

If you configure a custom DNS suffix for your environment, traffic to FQDNs (Fully Qualified Domain Names) that use this suffix resolves to the environment. FQDNs that use this suffix outside of the environment are unreachable.

Add a custom DNS suffix and certificate

  1. Go to your Container Apps environment in the Azure portal

  2. Under the Settings section, select Networking and then click on Custom DNS Suffix.

  3. In Custom DNS suffix, enter the custom DNS suffix for the environment.

    For example, if you enter example.com, the container app domain names are in the format <APP_NAME>.example.com.

  4. In a new browser window, go to your domain provider's website and add the DNS records shown in the Domain validation section to your domain.

    Record type Host Value Description
    A *.<DNS_SUFFIX> Environment inbound IP address Wildcard record configured to the IP address of the environment.
    TXT asuid.<DNS_SUFFIX> Validation token TXT record with the value of the validation token (not required for Container Apps environment with internal load balancer).

  5. Back in the Custom DNS suffix windows, in Certificate file, browse, and select a certificate for the TLS binding.

    [!IMPORTANT] You must use an existing wildcard certificate that's valid for the custom DNS suffix you provided.

  6. In Certificate password, enter the password for the certificate.

  7. Select Save.

Once the saved operation is complete, the environment is updated with the custom DNS suffix and TLS certificate.

Next steps

[!div class="nextstepaction"] Custom domains in Azure Container Apps